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• Is it safe? 

• How do you answer that question when we've 
put people atop a vehicle oaded with millions of 
pounds of rocket fuel? 

• Of course it isn't "safe"! 

• Our challenge is to achieve the best 
understanding of the risk our mission poses to 
the public and our workforce, to include flight 
crews, in order to ensure that the goals we hope 
to achieve justify the risk. 

• Is it safe enough? 




Lessons Learned 

(the hard way) 



Processes grew out of painful experiences. 

Human spaceflight organizations focused on a few, high 
visibility missions. 

Why do people, well-trained and committed to 
excellence, make horrific mistakes? 

- Over confidence 

- Schedule pressure 

- Budget pressure 

— Extremely complex systems 

— Normalization of deviance 

— Failure to heed "lessons learned" 

What is different today? 




Comprehensive safety requirements need to be 


comprehensive set of safety requirements are key to 
the success of a program With the exception of a 
good set of reliability and quality requirements, such a 
set was lacking at the start of the shultiB program 
Use of hazard analysis methodologies was also 
lacking This resulted in the failure to identify and 
uly in the program. 
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Umited career path prestige and potential wrthin Safety 
Space Shuttle Program (SSP) controlled Safety funding 
Safety products were not used to dnve operator* products (flight ru 
'Silent Safety" era 

Rote compliance - 'No. because ..." 
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Limited career path potential within the Safety 
organization made it difficult to attract and retain 
skillad people. Safety organization must have 
similar career potential and support from human 


Funding source impacts on Safety A lack of 
Independent funding can lead to Safety being 
compromised - ‘Don't bite the hand that feeds 
you." At the very least safely needs to have 
independent funding for an independent 
assessment function to ensure that areas 
dependant on funding from the program are not 
being unduly influenced or compromised. 


Bnef period of Engmeenng Technical Base funding 


NASA HO Office ot Safely & Mission Assurance (OSMA) era 

0 1986 Roger's Commission Report i 


Safety bocamo a rote compliance organization. Rote 
compliance to requirements without regard for sound engmeenng 
judgment and risk trades gave SR&OA a bad reputation. This 


hindered effectiveness and recruitment - ‘no one wants to be a 
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Strong design requirements were in place 


Minimal communications within and between 


Safety organizations reduced integration and 

and enforced: 

- NHB 5300.4(10-2) 

- JSCM-8080 

• NSTS 07700 

• NHB 1700.7A 

organizational effectiveness. Prior to the 
Challenger accident there was not a strong 
Level It SR&OA integration function. 


Notional 
Strength/ 
Effectiveness 
of NASA 
S&MA for the 
Space Shuttle 
Program 


Shuttle Program inherited a weak safety organization 
from Apollo Years of mission success, budget 
pressure, and attrition had taken a toll 


Quality and Reliability disciplines were 



Report of the Presidential Commission on 
the Space Shuttle Challenger Accident 

. faults include a lack of problem reporting 
requirements, inadequate trend analysis, 
misrepresentation of criticality and lack of 
involvement in critical discussions. A properly 
staffed, supported, and robust safety 
organization might well have avoided these 
faults and thus eliminated the communication 
failures " 


Maintenance, logistics, and 
supportablllty analysis must start 
earty and account for the impacts 
of ground processing cycles on 
time/I ife/cycle limits Such analysis 
was not performed early in the 
program, which resulted in hardware 
up on the ground 


S&MA staffing levels and 
funding decreasing as fligb 
rates rapidly increase. 



Certification by similarity can resi 

problems Be very cautious about certifying 
hardware by similarity, especially when safety is 
weak. Variations in design, materials, manufactu 
operations, and operational environments may 
invalidate similarity assumptions. 


Safety products lagged the 
development process and were not 
considered to be in the critical path. 

Rather than being used to drive the 
design and operations, Safety 



First flights (glide and powered) were 
crewed flights. Prior programs had 
always used non-crowod flights to 
validate design prior to risking crew. 


Safety products must be available early if they 
are to influence design and operations The 

hazard reports and FMEAfCILs for the shuttle 
program wore always lagging behind the design 
process and therefore were ineffective m influencing 
the design and operation during the DOT&E phase 
of tha program. Poor to the loss of STS-51L the 
flight rules and crew procedures were developed 
without them and did not even reference them. 





Futur e Current Challenges 

* Constrained budgets - less oversight 

* Reductions in the contractor workforce 

* Reductions in the Civil Service workforce 

* Risk Informed Decision Making/Continuous Risk 
Management 

* We all are responsible for identifying 
opportunities to reduce risk, day-in and day-out 

* Is it safe (enough)? If not, SAY SO! 
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Managing Risk 



• The systematic identification, assessment, 
prioritization and mitigation of risk is essential 
to our success. 

• One of the most effective ways to reduce risk 
during the development and production of new 
vehicles is an emphasis on quality assurance, up 
front. 

- "Quality goes in before the name goes on." 

• Success requires commitment at all levels. 


Managing Risk 



• Smart people learn from their mistakes; a wise people 
learn from the mistakes of others 

• Study history, especially "lessons-learned" 

- Avoid mistakes of the past 

- Emulate the successes 

• Promote a culture that accepts "bad news" without 
retribution 

- Do not shoot the messenger 

- Encourage dissenting opinions 

- Bad news is not like a fine wine... 


Managing Risk 



• We have forged partnerships which at one 
time were unthinkable. 

-ISS 

• We will succeed. ..or fail. ..together 

• Trust 

- Insight versus oversight 

- When is "better" the enemy of "good enough"? 

- "Business as usual" is not good enough. 


How can the sky be the limit... 
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